At a glance: Threat actors are escalating the Shai‑Hulud campaign by combining leaked malware code with compromised npm packages, enabling rapid, large‑scale credential theft across developer environments. The shift from typosquatted packages to trusted package compromise allows malicious code to propagate through normal dependency updates, increasing exposure across CI/CD pipelines and cloud infrastructure. This activity highlights a growing supply chain risk where trusted software components can become a primary vector for widespread credential compromise and follow‑on attacks.
Threat summary
On May 18, 2026, researchers reported that the Shai‑Hulud malware source code had been leaked and reused by multiple threat actors.
Multiple malicious npm packages were published using cloned, non‑obfuscated versions of the malware, including typosquatted packages targeting common developer dependencies. These packages embedded credential‑stealing functionality and, in some cases, included distributed denial‑of‑service (DDoS) capabilities, demonstrating early reuse of the leaked code.
The following day, on May 19, threat actors published 600+ malicious packages to the Node Package Manager (npm) registry, indicating active use of the leaked Shai‑Hulud code. Adversaries leveraged compromised maintainer credentials to push malicious updates to legitimate packages, allowing the payload to reach developers through trusted dependencies rather than newly created packages.
The malware embedded in these packages executes automatically during installation and is designed to collect credentials and sensitive configuration data from developer workstations and continuous integration and continuous delivery (CI/CD) environments. Targeted data includes GitHub tokens, npm tokens, cloud credentials, Kubernetes and Docker configurations, and database access details.
In campaigns using the leaked code, the payload also demonstrated the ability to harvest cryptocurrency wallet data and account information and transmit it to attacker‑controlled infrastructure. Stolen data is exfiltrated using encrypted channels and, in some cases, uploaded to public repositories under victim accounts, enabling further propagation.
Analysis
The public availability of Shai-Hulud code enables rapid reuse, broader participation by threat actors, and faster propagation across software ecosystems.
Organizations using npm packages, particularly those with automated dependency pipelines, face direct exposure. Any environment that installed or updated affected packages during this activity may have exposed credentials, including CI/CD tokens, cloud access keys, and repository credentials.
The impact extends beyond the initial compromise, as stolen credentials can be used to access internal systems, modify source code, or publish additional malicious packages.
Reducing exposure starts with reviewing dependencies and identifying any packages associated with Shai-Hulud activity. Pinning dependencies to known good versions and limiting automatic updates reduces the risk of introducing compromised code into build pipelines. Credentials associated with developer environments and CI/CD systems should be rotated, including GitHub tokens, npm tokens, and cloud access keys, as these are the malware's primary targets. Monitoring for unexpected repository creation, unauthorized commits, or anomalous access patterns can help identify active misuse of stolen credentials.
Additional controls include restricting outbound network access from build systems, monitoring for unusual data exfiltration behavior, and validating CI/CD workflows for unauthorized modifications. Rebuilding affected systems from clean images reduces the risk of persistence where additional payloads or backdoors may have been introduced. Strengthening visibility across dependency management and build activity improves detection of malicious behavior embedded in trusted software components.
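The dependency review described above can be partly automated. The following is an added example, not code from the advisory or from any affected project: a small Node.js script that flags two things a reviewer would want to see first, dependency specifiers that are not pinned to an exact version (so a routine install or update could pull a newer, trojanized release) and installed packages that declare install-time lifecycle scripts (the point at which this payload runs). The project manifest and the installed-package manifests are constructed samples; in practice they would be read from package.json and from node_modules/<name>/package.json.

```javascript
// Added example (not from the advisory): dependency review helpers that flag
// unpinned version ranges and install-phase lifecycle scripts.
// All inputs below are constructed sample manifests, not real package data.

// An exact version: digits only, optional pre-release tag, no range operator.
const PINNED = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;

// Lifecycle hooks npm runs automatically while installing a dependency.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Return dependencies whose specifier is a range (^, ~, *, >=, x ...) or any
// other non-exact form, i.e. anything that lets `npm install` or `npm update`
// silently move to a newer release.
function findUnpinned(pkg) {
  const out = [];
  for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    for (const [name, spec] of Object.entries(pkg[field] || {})) {
      if (!PINNED.test(spec)) out.push({ name, spec, field });
    }
  }
  return out;
}

// Given the parsed package.json of each installed package, report those that
// execute code during installation. This does not mean a package is malicious;
// it is the shortlist a reviewer should read before trusting a build.
function findInstallScripts(manifests) {
  return manifests
    .filter((m) => m.scripts && INSTALL_HOOKS.some((h) => h in m.scripts))
    .map((m) => ({
      name: m.name,
      version: m.version,
      hooks: INSTALL_HOOKS.filter((h) => h in m.scripts),
    }));
}

// Combine both checks into one report object.
function review(project, installed) {
  return {
    unpinned: findUnpinned(project),
    installScripts: findInstallScripts(installed),
  };
}

// Constructed sample: a project manifest mixing pinned and ranged specifiers.
const SAMPLE_PROJECT = {
  name: 'example-app',
  dependencies: { 'lib-a': '1.4.2', 'lib-b': '^2.0.0', 'lib-c': '~3.1.0' },
  devDependencies: { 'tool-d': '*', 'tool-e': '0.9.1' },
};

// Constructed sample: manifests as they would be read from node_modules.
const SAMPLE_INSTALLED = [
  { name: 'lib-a', version: '1.4.2', scripts: { test: 'node test.js' } },
  { name: 'lib-b', version: '2.3.0', scripts: { postinstall: 'node setup.js' } },
  { name: 'tool-d', version: '4.0.0', scripts: { preinstall: 'node init.js', postinstall: 'node x.js' } },
  { name: 'tool-e', version: '0.9.1' },
];

const REPORT = review(SAMPLE_PROJECT, SAMPLE_INSTALLED);
console.log(JSON.stringify(REPORT, null, 2));
```

On the sample data the report lists lib-b, lib-c and tool-d as unpinned, and lib-b and tool-d as packages with install hooks. Pinning the flagged specifiers to the exact versions already vetted, and reviewing (or, for CI runners, disabling) install scripts of the flagged packages, are the concrete follow-ups to the advisory's guidance on pinning and limiting automatic updates.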